PRA messaging around firms’ operational resilience to cyber threat

WilmerHale
Contact

In May the PRA’s Lyndon Nelson gave a speech about the development of the Regulator’s response to cyber risk. In his speech he:

  • made clear that the PRA’s approach is focused on the testing of firms’ resilience to cyber risk and the use simulation exercises to rehearse responses to cyberattacks
  • Noted the high detection rate of inadequate cyber hygiene across the PRA’s testing
  • Indicated that the PRA plans to extend its cyber stress testing and simulation exercises beyond the largest firms
  • Noted how the composition of attacks has shifted towards the exploitation of third-party/outsourced relationships, which has highlighted the likely future additional exposure where a firm uses a “patchwork” of its own services and outsourced providers.

Commentary

For firms getting to grips with the PRA and FCA’s policy statements on operational resilience, published in March 2021, these comments may not come as a great surprise. However, as acknowledged by Nelson one of, if not the, most significant challenges posed by operational and cyber resilience is likely to be around outsourced services and technology. He noted the connection between the size and market dominance of an outsourced service provider and its systemic vulnerability.

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations. Attorney Advertising.

© WilmerHale

Written by:

WilmerHale
Contact
more
less

PUBLISH YOUR CONTENT ON JD SUPRA NOW

  • Increased visibility
  • Actionable analytics
  • Ongoing guidance

WilmerHale on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide